Collaboration

Identity Self-Service & Delegated Identity Administration

What are the Challenges?

The onboarding process of a non-employee sometimes doesn’t exist. If one does exist, it is often manual, slow, inconsistent and risk-laden.

Non-employees are oftentimes given the same access as full-time employees, which poses a much greater risk as they are not as invested in the company as a full-time employee. In addition, partners often fail to provide notification when their employees have been terminated, resulting in the terminated non-employee having continued (unauthorized) access to systems and applications.

Frequently, organizations struggle with how to best provide access for their non-employees without leaving themselves vulnerable. Finding an intuitive and easily adaptable way to enable your business to onboard non-employees while ensuring appropriate controls are in place prior to granting access to your sensitive data is challenging.

What is the NE Access Solution?

NE Access provides a portal for self-service or third party delegated administration of identity lifecycle process. Non-employees and third party delegated admins can regularly validate identity relationships to ensure access is being governed effectively.

THIRD PARTY DELEGATED ADMINISTRATION

Third party delegated administrators can be assigned to execute processes such as onboarding, updating, or terminating identities. Bringing third parties into the process alleviates the arduous task of identity administration by the organization, while maintaining oversight and governance.

THIRD PARTY DELEGATED VALIDATION

Control the risk associated with ineffective offboarding by requiring your vendor to attest to the relationship and/or employment status of a non-employee resource.

SELF-SERVICE REGISTRATION

Take the burden of collecting accurate information off your business users and administrators by allowing non-employees to provide and maintain their own identity data. NE Access allows for the attachment of documents and for the acceptance of corporate policies.

SELF-CERTIFICATION

Empower non-employees to self-certify their relationship through controlled email verification by allowing only validated vendor email domains when they register.

STANDARDS BASED AUTHENTICATION

NE Access supports authentication using LDAP, OAUTH, and SAML. An LDAP directory is included out of the box, but easily attaches to existing directories.

Features

Self-Service Portals

Create, manage and maintain any number of portals for all third parties — partners, contractors, vendors and customers. Allowing third parties to self-register and provide information saves time and effort on the part of the organization and reduces human error.

Delegated Identity Administration

Create, manage and maintain any number of portals for all third parties; partners, contractors, vendors and customers. Allowing third parties to self-register and provide information saves time and effort on the part of the organization and reduces human error.

Self-Service Identity Certification

Engage third parties to self-certify. Regularly scheduled or contextual self-validations can occur via email with verification codes. By controlling which domains are allowed to register for access, organizations are able to send out emails to non-employees periodically or contextually, requiring a response to avoid having identities disabled.

Delegated Identity Validation

Assigned partner managers can be required to attest to the access of non-employee identities. Often organizations do not know if a non-employee is still engaged, which leads to orphaned or abandoned access. Requiring delegated admins to attest that users are still with the partner and engaged allows organizations to more effectively manage that identity and its access. Regular validation of identity relationships can help alleviate access certification fatigue for your internal resources.

Standards Based Authentication

Out of the box integration to any LDAP for provisioning and authentication of access. Product supports standards based authentications such as SAML and social based authentication using OAUTH.